Supreme Court Limits Scope Of The Computer Fraud And Abuse Act
The Consumer Fraud and Abuse Act, 18 U.S.C. §1030 (CFAA) is a federal statute that imposes criminal penalties and provides for a civil cause of action against individuals who obtain information from a computer by intentionally accessing the computer without authorization or by exceeding authorized access. The statute has been used to criminally prosecute and bring civil actions for damages and losses against employees who have misappropriated their employers’ trade secrets or other confidential information. Those damages and losses may include attorneys’ fees expended by the employer to investigate violations of the statute. In its recent opinion in Van Buren v. United States, the United States Supreme Court resolved a disagreement among the lower federal courts over the scope of the CFAA’s “exceeds authorized access” clause. Does an employee with authorized access to his employer’s computers “exceed authorized access” only when accessing specific computer files the employee has not been authorized to access, or does the employee also “exceed authorized access” when accessing files for which the employee has authorization, but uses the information for an unauthorized purpose? In Van Buren, the Supreme Court ruled in favor of the more limited scope of the “exceeds authorized access” clause. Background When employed as a police officer in Georgia, Nathan Van Buren was the target of an...